4. Configuring and Setting up the WebDAV services

Now for the easy part. In this section we will WebDAV enable a directory under Apache root.

4.1. Modifications to the /usr/local/apache/conf/httpd.conf

Please verify that the following Apache directive appears in the /usr/local/apache/conf/httpd.conf :

  Addmodule mod_dav.c

If it does not please add it. This directive informs Apache about DAV capability. The directive must be placed outside any container.

Next we must specify where Apache should store the DAVLockDB file. DAVLockDB is a lock database for the WebDAV. This directory should be writable by the httpd process.

I store the DAVLock file under /usr/local/apache/var. I use this directory for other purposes as well. Please add the following line to your /usr/local/apache/conf/httpd.conf to specify that the DAVLockDB file will be under /usr/local/apache/var :

  DAVLockDB      /usr/local/apache/var/DAVLock 

The directive must be placed outside any container.

4.2. Creating a directory for DAVLockDB

As mentioned above a directory must be created for DAVLockDB that can be written by the web server process. Usually web server process runs under the user 'nobody' . Please verify this for your system using the command:

ps -ef | grep httpd

Under /usr/local/apache create the directory and set the permissions on it using the following commands:

  # cd /usr/local/apache
  # mkdir var
  # chmod -R 755 var/
  # chown -R nobody var/
  # chgrp -R nobody var/

4.3. Enabling DAV

Enabling DAV is a trivial task. To enable DAV for a directory under Apache root, just add the following directive in the container for that particular directory:

  DAV On

This directive will enable DAV for the directory and its sub-directories.

The following is a sample configuration that will enable WebDAV and LDAP authentication on /usr/local/apache/htdocs/DAVtest. Place this in the /usr/local/apache/conf/httpd.conf file.

 DavLockDB /tmp/DavLock
<Directory "/usr/local/apache2/htdocs/DAVtest">
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AuthName "SMA Development server"
AuthType Basic
LDAP_Debug On
#LDAP_Protocol_Version 3
#LDAP_Deref NEVER
#LDAP_StartTLS On
LDAP_Server you.ldap.server.com 
#LDAP_Port 389
# If SSL is on, must specify the LDAP SSL port, usually 636
LDAP_Port 636
LDAP_CertDbDir /usr/local/apache2/sslcert
Base_DN "o=SDS"
UID_Attr uid
DAV On
#require valid-user
require valid-user 
#require roomnumber "123 Center Building"
#require filter "(&(telephonenumber=1234)(roomnumber=123))"
#require group cn=rcs,ou=Groups
</Directory>

4.4. Create a Directory called DAVtest

As mentioned in a earlier section, all DAV directories have to be writable by the WebServer process. In this example we assume WebServer is running under username 'nobody'. This is usually the case. To check httpd is running under what user, please use:

# ps -ef | grep httpd

Create a test directory called 'DAVtest' under /usr/local/apache2/htdocs :

# mkdir /usr/local/apache/htdocs/DAVtest

Change the permissions on the directory to make it is read-writable by the httpd process. Assuming the httpd is running under username 'nobody', use the following commands:

  # cd /usr/local/apache/htdocs
  # chmod -R 755 DAVtest/
  # chown -R nobody DAVtest/
  # chgrp -R nobody DAVtest/

4.5. Restart Apache

Finally you must run the configuration test routine that comes with Apache to verify the syntax in httpd.conf :

# /usr/local/apache/bin/apachectl configtest

If you get error messages please verify that you followed all of the above mentioned steps correctly. If you can not figure out the error message feel free to email me with the error message (saqib@seagate.com).

If the configtest is successful start the apache web-server:

# /usr/local/apache/bin/apachectl restart

Now you have WebDAV enabled Apache Server with LDAP authentication and SSL encryption.

4.6. WebDAV server protocol compliance testing

It is very important that the WebDAV that we just implemented be fully complaint with the WebDAV-2 protocol. If it is not fully compatible, the client side WebDAV applications will not function properly.

To test the complaince we will use a tool called Litmus. Litmus is a WebDAV server protocol compliance test suite, which aims to test whether a server is compliant with the WebDAV protocol as specified in RFC2518.

Please download the Litmus source code from http://www.webdav.org/neon/litmus/ and place it in the /tmp/downloads directory.

Then use gzip and tar to extract the files:

# cd /tmp/downloads
# gzip -d litmus-0.6.x.tar.gz
# tar -xvf litmus-0.6.x.tar
# cd litmus-0.6.x

Compiling and installing Litmus is easy:

# ./configure
# make
# make install

make install will install the Litmus binary files under /usr/local/bin and the help files under /usr/local/man

To the test the complaince of the WebDAV server that you just installed, please use the following command

# /usr/local/bin/litmus http://you.dav.server/DAVtest userid passwd